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DETAILED ACTION 

1 . Claim 1 has been amended to overcome the Claim Objections mailed on 
04/04/2007. 

2. Claims 1-38 are pending for consideration. 

Response to Arguments 

3. Applicant's arguments with respect to claims 1-38 have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

5. Claims 1-3, 7, 11, 13-14, 18, 22-24, 29-34 and 36 are rejected under 35 

■ 

U.S.C. 102(e) as being anticipated by Leoutsarakos (US 2004/0039905) (hereinafter 
Leo). 

6. Regarding claim 1, Leo discloses a distributed authentication infrastructure 
including a plurality of nodes in communication with each other, each of said plurality of 
nodes having an identification and intended to perform a series of functions, one of said 
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series of functions for verifying said identification of said plurality of nodes (Leo: see 
figures 1, figure 7 (e.g., client unit 1 and corporate server are two distributed nodes) and 
paragraph 0074); and a centralized authentication infrastructure integrated into said 
distributed authentication infrastructure and including a central server, said central 
server being coupled to said plurality of nodes and being utilized for verifying said 
identification of said plurality of nodes (Leo: see Abstract section and paragraphs 001 1 , 
0051 (a central management unit manages a plurality of client units, a corporate server 
and a secure bridging unit)); wherein said distributed authentication infrastructure is 
initially implemented and said centralized authentication infrastructure is later integrated 
into said distributed authenticated infrastructure (Leo: see figure 1 (a central 
management server controls the communications among a plurality of clients, corporate 
server and secure bridging unit)); wherein said distributed authentication infrastructure 
is selected from the group consisting of a threshold cryptography service model and a 
web-of-trust service model (Leo: paragraphs 0057, 0061, 0064, 0072, 0085, 0096, 0108 
and 01 10); wherein said centralized authentication system is selected from the group 
consisting of a public key infrastructure and a Kerberos service model (Leo: paragraphs 
0035 and 0057); wherein said plurality of nodes include at least one of a personal digital 
assistant, a digital pager, a digital fax machine, a vide teleconferencing device, a 
wireless telephone, a portable computer, a desktop computer, and a communication 
device (Leo: paragraphs 0029 and 0034). 

7. Regarding claims 2 and 36, Leo further discloses wherein said plurality of nodes 
includes a verifying node coupled to a new entity for verifying the identification of said 
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new entity and enrolling said new entity into the hybrid authentication system (Leo: 
paragraph 0122). 

8. Regarding claim 3, Leo further discloses wherein said new entity provides said 
verifying node with at least one predetermined credential (Leo: paragraph 0122). 

9. Regarding claims 7 and 1 1 , Leo further discloses wherein said central server is 
said new entity (Leo: see figure 1 item 16). 

10. Regarding claim 13, Leo further discloses wherein said central server is coupled 
to said plurality of nodes for at least one of issuing a global directive thereto and 
bolstering said plurality of nodes by assisting with at least one of an enrollment task, an 
authentication task, and a permission granting task (Leo: see figure 1 item 16 and 
paragraphs 0013, 0051, 0120 and 0122). 

1 1 . Regarding claims 14 and 31 , Leo further discloses wherein said global directive 
includes at least one of a rekey instruction and a critical trust chain path, said rekey 
instruction and said critical trust chain path for providing a secured data transfer line 
(Leo: paragraphs 0011 and 0118 (e.g., re-generate all session keys and secure bridging 
unit)). 

12. Regarding claims 18 and 22, Leo further discloses wherein said second node is 
coupled to a trusted third party node from said plurality of nodes, said second node 
producing an authentication task signed by said first node and sending said 
authentication task to said trusted third party node, said trusted third party node 
verifying said identification of said first node (Leo: see figure 1 and Abstract section). 
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1 3. Regarding claim 23, this claim has limitations that is similar to those of claim 1 , 
thus it is rejected with the same rationale applied against claim 1 above. 
. 14. Regarding claim 24, this claim has limitations that is similar to those of claim 1 , 
thus it is rejected with the same rationale applied against claim 1 above. 

1 5. Regarding claim 29, this claim has limitations that is similar to those of claim 1 , 
thus it is rejected with the same rationale applied against claim 1 above. 

16. Regarding claim 30, Leo further discloses wherein said central server is coupled 
to said plurality of nodes for at least one of issuing a global directive thereto and 
supporting said plurality of nodes by assisting with at least one of an enrollment task, an 

r 

authentication task, and a permission granting task (Leo: see figure 1, Abstract section 
and paragraphs 0013 and 0120-0122). 

17. Regarding claim 32, this claim has limitations that is similar to those of claim 1, 
thus it is rejected with the same rationale applied against claim 1 above. 

18. Regarding claim 33, Leo further discloses wherein migrating comprises coupling 
a central server to said plurality of nodes (Leo: see figure 1). 

19. Regarding claim 34, Leo further discloses coupling said central server to a 
verifying node of said plurality of nodes; sending at least one predetermined credential 
from said central server to said verifying node; enrolling said central server into the 
hybrid authentication system (Leo: see figure 1 and paragraphs 0013 and 0122). 

20. 



Claim Rejections - 35 USC § 103 
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21 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

22. Claims 8 and 38 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Leo in view of Dinker (US 20040254984) (hereinafter Dinker). 

23. Regarding claim 8, Leo does not disclose wherein said distributed authentication 
infrastructure requires a quorum of said plurality of nodes for enrolling a new entity into 
the hybrid authentication system. However, Dinker discloses the quorum of said 
plurality of nodes for enrolling a new entity (Dinker: see figure 3 and paragraph 0010). 
Therefore, it would have been obvious to one ordinary skill in the art to apply the 
teaching of the quorum method of Dinker into the system of Leo to enhance security 
because the pre-selected nodes have to vote and agree with each other in order for the 
new entity get enrolled into the system. 

24. Regarding claim 38, this claim has limitations that is similar to those of claim 8, 
thus it is rejected with the same rationale applied against claim 8 above. 

25. Claim 12 is rejected under 35 U.S.C. 103(a) as being unpatentable over Leo in 
view of Prabandham et al. (US 6701438) (hereinafter Prahandham). 

26. Regarding claim 12, Leo does not disclose in details wherein said central server 
is coupled to a new entity and is utilized for verifying the identification of said new entity 
and enrolling said new entity into the hybrid authentication system, said central server 
producing a log for recording a plurality of failed authentications and a plurality of failed 
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enrollments by said plurality of nodes. However, Prabandham discloses logging all 
failed authentications and/or failed authorizations by logging module (Prabandham: see 
figure 2 and column 3 line 65 through column 4 line 1). Therefore, it would have been 
obvious to one ordinary skill in the art to apply the teaching of logging all failed 
authentications and/or authorization of Prahandham into the system of Leo because 
logging module provides the selected logging protocols such that those received 
requests that do not have originate from the verified source or do not have appropriate 
permission are recorded by the logging module (Prabandham: column 2 lines 49-52) 

27. Claims 4-6, 15-17, 19-21, 25-28, 35 and 37 are rejected under 35 U.S.C. 103(a) 
as being unpatentable Leo in view of Benantar (US 2003/0130947) (hereinafter Ben). 

28. Regarding claim 4, Leo does not explicit disclose wherein said verifying node 
signs a certificate related to said new entity. However, Ben discloses wherein said 
verifying node signs a certificate related to said new entity (Ben: column 1 paragraph 
[0012]). Therefore, it would have been obvious to one ordinary skill in the art to apply 
the teaching of the certificate of Ben into the method of Leo to have a method and 
system that simplifies the administrative processing associated with the trust paths that 
are required for valid use of digital certificates (Ben: paragraph [001 1]). 

29. Regarding claims 5, 17 and 20, Leo does not explicit disclose wherein said 
central server publishes a certificate revocation list, said verifying node examining said 
certificate revocation list for determining whether said certificate has been revoked. Ben 
discloses wherein said central server publishes a certificate revocation list, said 
verifying node examining said certificate revocation list for determining whether said 
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certificate has been revoked (Ben: paragraphs [0043, 0047 and 0057]). Therefore, it 
would have been obvious to one ordinary skill in the art to apply the teaching of the 
certificate revocation list of Ben into the method of Leo to have a method and system 
that simplifies the administrative processing associated with the trust paths that are 
required for valid use of digital certificates (Ben: paragraph [0011]). 

30. Regarding claims 6, 16 and 21, Leo does not explicit disclose wherein a quorum 
of said plurality of nodes publishes a certificate revocation list, said verifying node 
examining said certificate revocation list for determining whether said certificate has 
been revoked. Ben discloses wherein a quorum of said plurality of nodes publishes a 
certificate revocation list, said verifying node examining said certificate revocation list for 
determining whether said certificate has been revoked (Ben: paragraphs [0043, 0047 
and 0057]). Therefore, it would have been obvious to one ordinary skill in the art to 
apply the teaching of the certificate revocation list of Ben into the method of Leo to have 
a method and system that simplifies the administrative processing associated with the 
trust paths that are required for valid use of digital certificates (Ben: paragraph [001 1]). 

31 . Regarding claims 15 and 19, Leo does not explicit disclose wherein said plurality 
of nodes includes a first node and a second node coupled to said first node, said first 
node presenting a first certificate to said second node for authenticating said first node. 
Ben discloses wherein said plurality of nodes includes a first node and a second node 
coupled to said first node, said first node presenting a first certificate to said second 
node for authenticating said first node (Ben: paragraphs [0008 and 0045]). Therefore, it 
would have been obvious to one ordinary skill in the art to apply the teaching of using a 
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certificate of Ben into the method of Leo to have a method and system that simplifies 
the administrative processing associated with the trust paths that are required for valid 
use of digital certificates (Ben: paragraph [0011]). 

32. Regarding claims 25-27, Leo does not explicit disclose wherein said plurality of 
nodes is a plurality of members including a first member and a second member, said 
certificate authority issuing a first group certificate to said first member that provides 
said first member with a first permission level, said certificate authority issuing a second 
group certificate to said second member that provides said second member with a 
second permission level. Ben discloses wherein said plurality of nodes is a plurality of 
members including a first member and a second member, said certificate authority 
issuing a first group certificate to said first member that provides said first member with 
a first permission level, said certificate authority issuing a second group certificate to 
said second member that provides said second member with a second permission level 
(Ben: see Abstract section). Therefore, it would have been obvious to one ordinary skill 
in the art to apply the teaching of using a certificate of Ben into the method of Leo to 
have a method and system that simplifies the administrative processing associated with 
the trust paths that are required for valid use of digital certificates (Ben: paragraph 
[0011]). 

33. Regarding claim 28, this claim has limitations that is similar to those of claims 25- 
27, thus it is rejected with the same rationale applied against claims 25-27 above. 

34. Regarding claims 35 and 37, Leo does not explicit disclose coupling said central 
server to a verifying node of said plurality of nodes; sending a certificate revocation list 
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from said central server to said verifying node; enrolling said central server into the 
hybrid authentication system. Ben discloses coupling said central server to a verifying 
node of said plurality of nodes; sending a certificate revocation list from said central 
server to said verifying node; enrolling said central server into the hybrid authentication 
system (Ben: see Abstract section and paragraph [0043]). Therefore, it would have 
been obvious to one ordinary skill in the art to apply the teaching of using a certificate of 
Ben into the method of Leo to have a method and system that simplifies the 
administrative processing associated with the trust paths that are required for valid use 
of digital certificates (Ben: paragraph [0011]). 

35. Claims 9-10 are rejected under 35 U.S.C. 103(a) as being unpatentable over Leo 
in view of Dinker, and further in view of Ben. 

36. Regarding claim 9, Leo does not explicit disclose wherein each node of said 
quorum utilizes a partial key for partially signing a certificate related to said new entity 
so as to provide said new entity with a full signature. Ben discloses wherein each node 
of said quorum utilizes a partial key for partially signing a certificate related to said new 
entity so as to provide said new entity with a full signature (Ben: paragraphs [0008 and 
0037]). Therefore, it would have been obvious to one ordinary skill in the art to apply 
the teaching of signing a certificate of Ben into the method of Leo in view of Dinker to 
have a method and system that simplifies the administrative processing associated with 
the trust paths that are required for valid use of digital certificates (Ben: paragraph 
[0011]). 
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37. Regarding claim 10, this claim has limitations that is similar to those of claims 6, 
16 and 21, thus it is rejected with the same rationale applied against claims 6, 16 and 
21 above. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Trang Doan whose telephone number is (571) 272- 
0740. The examiner can normally be reached on Monday-Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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